Written By Alan Zeichick And Presented By Charles Leaver
Ransomware is real, and it is threatening individuals, services, schools, health centers, and local governments, and there’s no indication that it is stopping. In fact, it’s most likely increasing. Why? Let’s be honest: ransomware is most likely the single most efficient attack that cyber criminals have ever created. Anybody can develop ransomware using easily available tools; any cash received is most likely in untraceable Bitcoin; and if something goes wrong with decrypting someone’s hard disk, the cyber criminal isn’t affected.
A business is impacted by ransomware every forty seconds, according to some sources, and 60% of malware problems were ransomware. It strikes all sectors. No industry is safe. And with the rise of RaaS (Ransomware-as-a-Service), it’s going to get worse.
The good news: We can resist. Here’s a four-step fight strategy.
Good Basic Hygiene
It starts with training workers how to handle malicious emails. There are falsified messages from service partners. There’s phishing and targeted spearphishing. Some will get past email spam/malware filters; employees have to be taught not to click on links in those messages and, of course, not to give permission for plugins or apps to be installed.
However, some malware, like ransomware, is going to get through, often exploiting out-of-date software or unpatched systems, just as in the Equifax breach. That’s where the next step comes in:
Ensuring that endpoints are completely patched and fully up to date with the latest, most secure operating systems, applications, utilities, device drivers, and code libraries. That way, if there is an attack, the endpoint is healthy and best able to fight off the infection.
Ransomware isn’t really a technology or security problem. It’s an organizational problem. And it’s so much more than the ransom that is demanded. That’s nothing compared to loss of efficiency because of downtime, poor public relations, disgruntled clients if service is disrupted, and the expense of reconstructing lost data. (And that assumes that important intellectual property or protected financial or client health data isn’t stolen.)
What else can you do? Back up, back up, back up, and safeguard those backups. If you don’t have safe, secured backups, you cannot restore data and core infrastructure in a timely fashion. That includes making daily snapshots of virtual machines, databases, applications, source code, and setup files.
Organizations need tools to spot, identify, and prevent malware like ransomware from spreading. This requires continuous visibility and reporting of exactly what’s occurring in the environment, including “zero day” attacks that haven’t been seen before. Part of that is keeping track of endpoints, from the smartphone to the PC to the server to the cloud, to ensure that endpoints are up to date and protected, and that no unexpected changes have been made to their underlying configuration. That way, if a machine is infected by ransomware or other malware, the breach can be identified rapidly, and the device isolated and shut down pending forensics and recovery. If an endpoint is breached, quick containment is critical.
The Four Tactics
Great user training. Upgrading systems with patches and fixes. Backing up everything as frequently as possible. And using monitoring tools to help both IT and security teams identify problems and react quickly to them. When it comes to ransomware, those are the four battle-tested strategies we need to keep our companies safe.
You can learn more about this in a brief eight-minute video, where I talk with a number of market professionals about this concern: